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(54) Multiple size cryptographic key system 

(57) A system is employed for providing two differ- 
ent levels of protection for cryptographic devices trans- 
mitting digital information. The system is independent of 
the cryptographic algorithm used and works with any 
keyed cryptographic algorithm. High grade encryption 
(18) is used for data transmitted from the transmitter 
device (10) and employs an encryption key of "Y" bits. 
This information is decrypted at the receiver (21) by a 



decryption circuit (22) also having a "Y" key size. At the 
receiver, return information is encrypted by an encryp- 
tion key (30) having °X H bits, where X = Y-Z, with Z being 
a variable. The low grade information encrypted at the 
receiver (21) is supplied back to the transmitter (10), 
which incorporates a decryption circuit (32) having an 
"X* key size for decrypting the lower grade information. 
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Description 

BAQKQRQUND 

With the increasing use of computer networks for s 
transferring data from one location to another remote 
location, a need has arisen for securing such data from 
unauthorized interception and reception. To provide 
such security, various cryptographic algorithms have 
been developed; and a transmitter then encrypts the 10 
data to be sent to the remote receiver by the use of such 
an algorithm. A decryption device utilizing the same 
algorithm is used at the receiver to decrypt the informa- 
tion to present it back in plain text, which then may be 
handled in any conventional manner at the receiver 15 
location. 

The cryptographic algorithms and the number of 
bits used in an encryption key vary from low grade 
encryption, which is relatively easy to "break" or pene- 
trate to high grade encryption, which typically employs 20 
larger keys (employing a greater number of bits), which 
are much more difficult to "break" Currently, valuable 
commercial property such as motion pictures, cable tel- 
evision signals, software, copyrighted music, and the 
like, is encoded in digital format. By utilizing digital for- 25 
mats, th* clarity of the original always is maintained; 
and there is no deterioration in quality, even though the 
digitalized information may be stored for a long period of 
time. In addition, when delivery of software, motion pic- 
tures, cable television or audio music property to a 30 
remote location is desired, all that is necessary is to 
transmit the digital data representative of this property 
from a transmitting location to a remote location, which 
may be anywhere in the world. Modern computers read- 
ily can receive and store such information; and trans- 3s 
mission links capable of handling this data on a 
worldwide basis exist. 

Properties, such as motion pictures, cable televi- 
sion programs, computer software and the like, are 
extremely valuable. Without high level encryption of 40 
such data when it is transmitted from one location to 
another, the valuable property being transmitted is sub- 
jected to the possibility of widespread piracy. Once such 
piracy occurs, the underlying value of the original prop- 
erty is greatly diminished, in some cases rendering it 45 
nearly valueless. As a result, it is extremely important 
that whenever such information is transferred by means 
of transmitting it over telephone lines or any other com- 
munications link (such as transmission to and from a 
satellite), the information is encrypted with a high grade so 
encryption key to scramble the sensitive data. This is 
done so the protected information not only is unreada- 
ble by hackers intercepting the transmission, but further 
is protected so that even a sophisticated effort at crack- 
ing or "breaking" the encryption cannot be accom- 55 
plished, or can only be accomplished with significant 
effort. 

As valuable information is transmitted worldwide, 
an additional problem is encountered. Currently, United 



States government policy prohibits the exportation of 
"high grade" encryption keys out of the United States. A 
weaker encryption scheme is permitted to be exported 
from the United States; but this encryption employs a 
shorter key (currently 40 bits or less). It has been found 
that such low grade encryption keys (such as a 40 bit 
key) can be broken with reasonable effort on behalf a 
person intent on breaking the encryption code. Thus, 
the low grade, exportable encryption keys which cur- 
rently exist are not suitable for protecting the extremely 
valuable property rights which exist in movies, games, 
video, software and the like. 

Wrthin the United States, for example in the cable 
television industry, typical cable servers send out 
games, video and software to customers using a larger 
high grade encryption key (a multi-bit key which typically 
is more than a 40-bit encryption scheme). The cable 
operator considers the encrypted information which is 
being sent as being privy only to the customer who pur- 
chases that particular service. The customer who 
requests information from the cable operator then is 
provided with a decryption key for decrypting the 
requested information. The customer then sends infor- 
mation back to the cable operator indicating that the 
information was received; and the necessary entitle- 
ment transaction is completed. This return information 
is not as important as the valuable information which 
originally is encrypted by the cable operator, and which 
is purchased by the customer. The same size key, how- 
ever, can be used for transmission in both directions. 

It is desirable to provide an encryption system 
which provides a high level of protection for the trans- 
mission of valuable data to a designated recipient, 
which may be used throughout the world to provide a 
high level or high grade encryption protection without 
breaching U.S. government regulations concerning the 
export of encryption systems. 

SUMMARY OF THE INVENTION 

It is an object of this invention to provide an 
improved encryption system. 

It is another object of this invention to provide an 
improved keyed encryption system. 

It is an additional object of this invention to provide 
an improved keyed encryption system using a larger key 
size for the encryption of data moving from a first data 
transmitter to a remote receiver and using a smaller size 
encryption key for the encryption of data moving from 
the remote receiver to the first data transmitter 

It is a further object of this invention to provide an 
encryption system which employs keyed cryptographic 
algorithms, in which the encryption key for data trans- 
mitted from a first location to a second location is 
encoded with a Y bit encryption key, and the encryption 
of data transmitted from the second location to the first 
location is encrypted with an X bit encryption key, which 
is smaller than the key Y. 

In accordance with a preferred embodiment of the 
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invention, an encryption system includes a transmitter 
device and a receiver device. The transmitter device 
has a transmit encryption circuit in it for supplying high 
grade encrypted information therefrom; and it has a 
decryption circuit in it for decrypting low grade encryp- 5 
tion information received thereby. The receiver device 
has a decryption circuit in it for decryption of the high 
grade encrypted information supplied to it; and it has an 
encryption circuit in it for supplying low grade encrypted 
information from it to the transmitter device. A communi- 10 
cation link couples the transmitter device and the 
receiver device for transferring the encrypted informa- 
tion between the devices. 

BRIEF DESCRIPTION OF THE DRAWING is 

The sole figure of the drawing is a block diagram of 
a preferred embodiment of the invention. 

DETAILED DESCRIPTION 2 o 

Reference now should be made to the drawing, 
which is a block diagram of a preferred embodiment of 
the invention. As illustrated in Figure 10, a transmitter 
device 10 is provided to send out information which 25 
needs to be protected, with the largest (most bits) 
encryption key size possible for the particular applica- 
tion with which the transmitter device 10 is used. The 
information which is encrypted is considered to be "high 
grade" information requiring a highest level of secrecy 30 
while it is being transferred over a communication link to 
a designated recipient. 

In the transmitter device 10, data may be obtained 
from one or the other of two conventional sources, 
namely an analog data source 11 or a digital data 35 
source 14. Analog data 1 1 must be converted to digital 
data before encryption; and this is accomplished by an 
analog-to-digital converter 12. Information from the con- 
verter 12 and from the digital data source 14 then may 
be applied to a switch 16, which selects whichever 40 
source is being utilized at any given time, to provide 
plain text digital data to the transmitter encryp- 
tion/decryption circuit 17. The source of the data which 
is provided through the switch 16 to the key circuit 17 
may be any suitable source of digital information. Infor- 45 
mation which is supplied at the transmitter device 1 0 for 
transfer to a remote recipient or customer typically is in 
the form of motion pictures, video games, cable televi- 
sion programming, computer software, or the like. Such 
material typically is very valuable and must be protected so 
against unauthorized reception during the transmission 
of such information from a source to an intended recipi- 
ent. 

To accomplish the encryption of the valuable plain 
text data which is obtained from the switch 16, an ss 
encryption key 18 is employed. As illustrated in the 
drawing, the key 18 employs an encryption key of "Y" 
bits which may operated with any desired type of keyed 
cryptographic algorithm. Typically, the larger the key 



size, the more secure is the encrypted data. For exam- 
ple, it has been found that a random number key of 56 
bits constitutes a highly efficient and secure encryption 
M Y" bit key used in the encryption circuit 1 8 at the trans- 
mitter device 10. The manner in which the random 
number for the key "Y" of the encryption circuit 18 is 
generated may be accomplished in any suitable man- 
ner. It also should be noted that while 56 bits is consid- 
ered a good length for the encryption key "Y" of the 
circuit 18, the key size may be any desired size, greater 
or smaller than this number, which is necessary to 
accomplish the level of encryption desired. 

Cipher text or encrypted information from the trans- 
mitter device 1 0 is supplied over a suitable communica- 
tions link, indicated at 20A in the drawing. This 
encrypted information then is supplied to a "Y" bit key 
decryption circuit 22 in a receiver device 21. The key 
decryption in the receiver device 21 employs the same 
number of bits "Y M which was used for the "Y" key 
encryption in the encryption circuit 18 to decode or 
decrypt the information. The plain text output then is 
provided at 24 for utilization at the location of the 
receiver device 21. 

Typically, acknowledgement of receipt of the 
encrypted information is desired at the transmitter 
device 10. This is accomplished in the circuit shown in 
the drawing by supplying plain text acknowledgement 
information at the input terminal 28 to an "X" bit key 
encryption circuit 30 in the receiver device 21. This 
information then is encrypted by the encryption circuit 
30 and is supplied as encrypted or cipher text over the 
communications link 20B to an "X" bit key decryption 
circuit 32 located in the encryption/decryption circuit 17 
of the transmitter device 1 0. 

The encryption key T is smaller (has fewer bits) 
than the "Y H key, where X-Y-Z, where Z is a variable. For 
example, a typical T key encryption used in the 
encryption circuit 30 is 40 bits; so that in this example 
the variable "Z" equals 1 6. 

It is readily apparent from an examination of the 
drawing and from the foregoing description that the 
encryption/decryption circuits 17 and 21 are not stand- 
ard. Each of these circuits encrypts information at one 
level or grade and decrypts it at a different level or 
grade. For example, the encryption/decryption circuit 1 7 
of the transmitter device 10 is designed to encrypt high 
grade information with a large (56 bit) encryption key 
"Y". The circuit 1 7, however, decrypts information which 
is low grade information encrypted with a much smaller 
(fewer number of bits) key H X H to produce the plain text 
output 34 at the transmitter device 10. Similarly, the 
encryption/decryption circuit 21 at the receiver device 
utilizes the "Y" key decryption for decoding or decrypt- 
ing the high grade encrypted information supplied 
through the transmission link 20A; whereas the low 
grade plain text information at 28 is encrypted by a 
much smaller encryption key "X" at 30, as described 
above. 

The operation of the system is such that information 
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encrypted at either the transmitter device 10 or the 
receiver device 21 may be decrypted or decoded by the 
other, but that the receiver device is incapable of 
encrypting information with the high grade or long 
encryption key "Y" utilized in the transmitter device 10. 5 
An example for one of the reasons for this difference in 
encryption/decryption capabilities between the trans- 
mitter device 10 and the receiver device 21 may be used 
for the cable TV industry. As mentioned previously, typi- 
cal cable servers send out games, video and software w 
to customers encrypted by the larger (high grade) "Y H 
key through the encryption circuit 18. The cable opera- 
tor considers this information to be privy only to the cus- 
tomers who purchase the particular service which is 
represented. To protect this information, the cable oper- 15 
ator encrypts the data base with the largest key size 
possible, which in the above example is the "Y" key. The 
paying customer at the receiver device 21, requesting 
information from the cable operator, then uses the 
larger "Y H key to decrypt the information at 22. Next, the 2 o 
device at the customer location sends information from 
28 back to the cable operator through the "X" bit encryp- 
tion circuit 30, indicating the information was received; 
and the necessary entitlement transaction is completed. 

The customer encrypts the data at 28 using the 25 
smaller key "X H , since this information has a short life- 
time of use. This is contrast to the long lifetime of use of 
the data base which is encrypted by the cable operator 
through the "Y" key encryption circuit 18. Typically, high 
grade information requires that the information to be 30 
protected for several years. Low grade information may 
be defined as information with a lifetime that is only val- 
uable for weeks to months, at the most; and at the end 
of that time, the information no longer is useful. In gen- 
eral, important data is protected with the high grade key 3s 
or larger key "Y" ; and low grade or less important infor- 
mation is protected by a low grade or smaller key "X". 

It further should be noted that for individuals or 
companies whose information originates from the 
United States (at the transmitter device 10), can trans- 40 
mit and encrypt that information using a large secure- 
sized key of "Y" length (such as the 56 bit length used in 
the example above) to a receiving device 21 for decryp- 
tion, using the same "Y H length decryption key, even 
though the receiving device 21 may be located outside 45 
the United States. The smaller "X" key encrypts infor- 
mation sent back to the United States which is consid- 
ered valuable, but only for a short period of time. No 
restrictions currently exist for the size of a decryption 
key, such as the decryption key 22 which may be so 
exported from the United States. The restrictions 
imposed by the United States government are on the 
size of encryption keys. Currently, a 40 bit encryption 
key can be used for the "X" key for devices which are 
exported out of the United States. Thus, the system 55 
described above meets the requirements of the United 
States government concerning the limitations of the 
exportation of high grade or large encryption keys, while 
at the same time securely protecting information of a 



valuable nature transmitted from the United States to 
locations outside of the United States. 

Ideally, the encryption/decryption circuits 17 and 21 
are fabricated as part of a unitary integrated circuit, with 
the design of the receiving unit 21 preventing or making 
it difficult for anyone to alter the encryption device to 
increase the size of the encryption key "X". 

The foregoing description of the preferred embodi- 
ment of the invention is to be considered as illustrative 
and not as limiting. Various changes and modrf ications 
will occur to those skilled in the art for performing sub- 
stantially the same function, in substantially the way, to 
achieve substantially the same result, without departing 
from the scope of the invention as defined in the 
appended claims. 

Claims 

1 . An encryption system including a transmitter device 
(10) having an encryption circuit (18) therein for 
encrypting high grade information supplied thereto 
to produce high grade encrypted information, and a 
receiver device (21) having a decryption circuit (22) 
therein for decrypting high grade encrypted infor- 
mation supplied thereto, said system characterized 
by; 

the transmitter device (32) having a decryp- 
tion circuit therein for decrypting low grade 
encrypted information received thereby; 

the receiver device having an encryption circuit 
(30) therein for encrypting low grade informa- 
tion supplied thereto to produce low grade 
encrypted information; and 
a communications link (20A) coupling said 
transmitter device and said receiver device for 
supplying said high grade encrypted informa- 
tion from the transmitter device (10) to the 
receiver device (21) for decryption by the 
decryption circuit (22) therein and for supplying 
via (20B) said low grade encrypted information 
from the receiver device (21) to the transmitter 
device (10) for decryption by the decryption cir- 
cuit (32) therein. 

2. The system according to Claim 1 further character- 
ized in that the encryption circuit (18) for the trans- 
mitter device (10) has an encryption key of Y bits 
and the decryption circuit (22) of the receiver device 
(21 ) has a decryption key of Y bits, and wherein the 
encryption circuit (30) of the receiver device (21) 
has an encryption key of X bits where X = Y-Z, 
where Z is a variable, and the decryption circuit (32) 
of the transmitter device (10) has a decryption key 
of X bits. 

3. The system according to Claim 2 further character- 
ized in that the encryption circuit (18) of the trans- 
mitter device (10) and the decryption circuit (32) of 
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the transmitter device ( 1 0) are constructed as a first 
single integrated circuit, and the encryption circuit 
(30) of the receiver device and the decryption circuit 
(22) for the receiver device 21 are constructed as a 
second single integrated circuit. 5 

4. The system according to Claim 3 further character- 
ized in that Y» 56 bits and Z« 16 bits. 

5. The system according to Claim 4 further character- 10 
ized by a source of plain text (11 or 14 via 16) sup- 
plied to the encryption circuit (18) of the transmitter 
device (10) for encryption thereby to supply high 
grade encrypted information through the communi- 
cations link (20A) to the decryption circuit (22) of is 
the receiver device (21); and a source of plain text 
(28) supplied to the encryption circuit (30) of the 
receiver device (21) for encryption thereby to sup- 
ply low grade encrypted information through the 
communications link (20B) to the decryption circuit 20 
(32) of the transmitter device (10). 

6. The system according to Claim 1 further character- 
ized in that the encryption circuit (17) for the trans- 
mitter device (10) and the decryption circuit (22) for 25 
the receiver device (21) each have a key size of Y 
bits, and the decryption circuit (32) for the transmit- 
ter device (10) and the encryption circuit (30) for the 
receiver device (21) each have a key size of X bits, 
where X=Y-Z, with Z being a variable. 30 

7. The system according to Claim 6 further character- 
ized by a source of plain text (11 or 14 via 16) sup- 
plied to the encryption circuit (18) of the transmitter 
device (10) for encryption thereby to supply high 35 
grade encrypted information through the communi- 
cations link (20A) to the decryption circuit (22) of 
the receiver device (21); and a source of plain text 
(28) supplied to the encryption circuit (30) of the 
receiver device (21) for encryption thereby to sup- 40 
ply low grade encrypted information through the 
communications link (20B) to the decryption circuit 
(32) of the transmitter device (10). 

8. The system according to Claim 7 further character- 45 
ized in that Y= 56 bits and Z=16 bits. 

9. The system according to Claim 8 further character- 
ized in that the encryption circuit (18) of the trans- 
mitter device (10) and the decryption circuit (32) of so 
the transmitter device (10) are constructed as a first 
single integrated circuit, and the encryption circuit 
(30) of the receiver device and the decryption circuit 
(22) for the receiver device 21 are constructed as a 
second single integrated circuit. 55 

10. The system according to Claim 1 further character- 
ized by a source of plain text (1 1 or 14 via 16) sup- 
plied to the encryption circuit (18) of the transmitter 



device (10) for encryption thereby to supply high 
grade encrypted information through the communi- 
cations link (20A) to the decryption circuit (22) of 
the receiver device (21); and a source of plain text 
(28) supplied to the encryption circuit (30) of the 
receiver device (21) for encryption thereby to sup- 
ply low grade encrypted information through the 
communications link (20B) to the decryption circuit 
(32) of the transmitter device (10). 

11. The system according to Claim 1 further character- 
ized in that the encryption circuit (18) of the trans- 
mitter device (10) and the decryption circuit (32) of 
the transmitter device (10) are constructed as a first 
single integrated circuit, and the encryption circuit 
(30) of the receiver device and the decryption circuit 
(22) for the receiver device 21 are constructed as a 
second single integrated circuit. 

12. The system according to Claim 1 further character- 
ized in that the encryption circuit (18) for the high 
grade encryption employs an encryption key size 
having a greater number of bits than the encryption 
key size used by the encryption circuit (30) for the 
low grade information. 

13. The system according to Claim 1 further character- 
ized in that both the high grade encrypted informa- 
tion and the low grade encrypted information 
employ keyed cryptographic algorithms with the 
encryption circuit (18) for the high grade encrypted 
information employing a key size having a greater 
number of bits than the key size of the encryption 
circuit (30) for the low grade encrypted information. 
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